2343 matches found
[SECURITY] Fedora 25 Update: openssh-7.3p1-4.fc25
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
CVE-2016-6393
The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service device reload via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667...
[SECURITY] Fedora 24 Update: openssh-7.2p2-13.fc24
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
Dropbear SSH Arbitrary Code Execution Vulnerability
Dropbear is a relatively small SSH server and client. An arbitrary code execution vulnerability exists in Dropbear dbclient, which can be exploited by a remote attacker to execute arbitrary code when a local dbclient user enters a specific -m or -c parameter...
Dropbear SSH Local Code Execution Vulnerability
Dropbear is a relatively small SSH server and client. An arbitrary code execution vulnerability exists in Dropbear dropbearconvert, which can be exploited by a local attacker to execute arbitrary code...
BSA-2016-009
Summary Security Advisory ID : BSA-2016-009 Component : SSH Revision : 2.0 N/A...
UBUNTU-CVE-2016-2183
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...
UBUNTU-CVE-2016-6515
The authpassword function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service crypt CPU consumption via a long string...
golang: infinite loop in several big integer routines
A denial of service vulnerability was found in Go's verification of DSA public keys. An attacker could provide a crafted key to HTTPS client or SSH server libraries which would cause the application to enter an infinite loop...
[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-6.fc24
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
[SECURITY] Fedora 24 Update: openssh-7.2p2-10.fc24
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
The vulnerability of Fonality’s corporate telephony software allows a perpetrator to gain access to protected information.
The vulnerability of the Fonality corporate telephony software relates to the rigid encoding of registration data for FTP login records. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected information via FTP or SSH connections...
Cisco IOS XR for Cisco Network Convergence System Denial of Service Vulnerability
Cisco IOS XR on NCS 6000 is an operating system from Cisco that runs on 6000 series router devices. A denial of service vulnerability exists in Cisco IOS XR versions 5.x through 5.2.5 on NCS 6000 devices, which arises from the program failing to properly manage system timer resources. A remote...
CVE-2016-1426
Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service timer consumption and Route Processor reload via crafted SSH traffic, aka Bug ID CSCux76819...
[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-5.fc24
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
Vulnerability of Cisco Nexus 7000 software, allowing attackers to access confidential information
The GNU Bash command shell, as of version 4.3 bash43-025 and later, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other undefined actions...
Vulnerability of Cisco Nexus 5000 software, allowing attackers to access confidential information
The GNU Bash command shell, as of version 4.3 bash43-025, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other unconfirmed actions. Security...
The vulnerability of Cisco PIX software allows a malicious individual to trigger a service failure.
The vulnerability in Cisco PIX systems with open telnet or SSH ports allows attackers to induce service failures by attempting to connect to services at a very high frequency...
The vulnerability of Cisco Nexus 7000 software allows a malicious individual to increase their privileges.
The vulnerability in Cisco NX-OS devices of the Nexus 7000 series – where multiple virtual device contexts VDC are enabled, along with local authentication – allows remote users who have passed authentication to elevate their privileges within an unplanned VDC environment. This is achieved by usi...
The vulnerability of Cisco Nexus 1000V software allows a malicious actor to execute arbitrary code.
The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that this...